How To Shop Online Safely (Without Getting Scammed)

How Do You Avoid Scams While Shopping Online?

Online shopping is convenient and easy. But is it safe? Not always.

According to the Federal Trade Commission (FTC) [*]:

Over 327,000 Americans fell victim to online shopping scams in 2022, with losses of more than $350 million.

Fraudsters create fake online stores and then use social media ads to lure you in to become a customer. But the products either don’t arrive, aren’t what you expected, or come with huge hidden fees.

Criminals can even use the information you supply when shopping — like your name, address, and credit card details — to steal your identity and drain your bank account.

The good news is you don’t have to stop shopping online to stay safe.

In this guide, we’ll teach you how to identify the most common online shopping scams and then walk through fifteen easy steps you can take to ensure you don’t get scammed while shopping online.

{{show-toc}}

The 5 Most Common Online Shopping Scams of 2024

Online shopping scams can take many forms — from fake stores to counterfeit goods, fraudulent ads, and expensive fees.

While shopping online, be on the lookout for these five common scams:

1. Fake or spoofed online stores. The most common online shopping scam is when fraudsters create a fake shopping website or app. These sites may look legitimate (or even mirror a legitimate site), but they’re designed to steal your sensitive information and credit card numbers or sell you counterfeit and non-existent goods.
2. Fraudulent social media ads. According to one study, 40% of all online shopping scams come from Facebook and Instagram ads [*]. These flashy ads often use hacked accounts and stolen photos, but the products either don’t arrive or are cheap knockoffs of what was advertised.
3. Selling discounted “luxury” goods. Many online shoppers are scammed by looking at deals that are too good to be true. Criminals create ads for steeply discounted luxury items like designer sunglasses or bags. But the items either don’t arrive or are counterfeit. Be especially careful when shopping for popular or difficult-to-find items.
4. Asking for non-traditional payment methods. One of the biggest red flags that you’re dealing with an online shopping scam is if the website asks for payment via wire transfers, gift cards, money orders, cryptocurrency, or payment apps like Venmo and Zelle.
5. Using fake reviews to make you think they’re a legitimate site. Most of us believe an online store if they have reviews. But scammers use what’s called a brushing scam to create fake reviews on sites like Amazon or eBay.

The bottom line: Online shopping scams are getting harder to appear and may even show up in legitimate search results, pop up while you’re on social media, or get shared by friends. Don’t enter your payment or personal details until you’ve thoroughly vetted the site and feel confident that it’s legitimate.

How To Shop Online Safely: 15 Easy Tips

1. Buy from online retailers you recognize
2. Make sure you’re on a “secure” website
3. Check the store’s design, pricing, and details for red flags
4. Only use safe payment services
5. Learn the warning signs of a scam email
6. Beware of discount codes on social media
7. Always check shipping costs and terms
8. Never store your credit card details with a store
9. Create strong, secure passwords
10. Monitor your credit and bank statements
11. Check to see if your account details were leaked
12. Secure your devices with antivirus software
13. Watch your back when shopping in public
14. Use official shopping apps
15. Sign up for identity theft protection

By following these quick and easy steps, you’ll avoid 99% of online shopping scams.

Here’s what to do:

1. Buy from online retailers you recognize

Major online retailers like Amazon, Walmart, Best Buy, and Target spend millions on ensuring a safe online shopping experience. If one of these stores is selling what you’re looking for, it’s a safer bet.

However, there are two things to consider even when shopping with a retailer you know:

1. Don’t blindly trust search results. Scammers can create fake versions of sites you trust. Nearly 50% of people who lost money to an online shopping scam were targeted in Google search results [*]. Bookmark your favorite shopping sites to visit them directly. And always double check URLs for misspellings or errors (like “Walmrat” instead of “Walmart”).
2. Beware of “marketplace” sellers. Sites like Amazon and even Best Buy offer products sold by other retailers on their platform. These sellers don’t always follow the same policies as the site they’re listed on. Amazon blocks billions of fraudulent and scam products every year [*], but some still get through. Pay special attention to any product that isn’t coming from the official online store.

📚 Related: 14 Amazon Scams You Didn't Know About (Until Now) →

2. Make sure you’re on a “secure” website

One of the main indicators of an online shopping scam is an “unsecure” website. These sites are vulnerable to hackers or could be using compromised payment systems that can steal your credit card information.

Secure sites use what’s called SSL (secure sockets layer) encryption. This means that any information you enter — name, shipping address, credit card number — will be masked and can’t be intercepted by hackers.

Look for HTTPS (not HTTP) and a padlock symbol near the URL in the address bar. Click on the padlock symbol to check whether the connection is secure and the SSL certificate is valid. This is especially important if you click on an Instagram ad and it takes you to an online store.

📚 Related: The 10 Biggest Instagram Scams Happening Right Now →

3. Scrutinize the details of any online store you’re unfamiliar with

A secure website doesn’t ensure that you won’t get scammed. Unfortunately, a recent analysis of online scam and phishing sites (which steal your personal information) found that 83% of them used HTTPS while 94% had valid SSL certificates [*]. 

Instead, you need to look for the warning signs of a scam online store. Here are a few details you should scrutinize before purchasing:

• Design: E-commerce sellers know that design and high-quality photography are essential. Look for shady designs or low-quality images that could’ve been stolen from other sites. 
• Pricing: Beware of “too-good-to-be-true” and bargain prices — especially on items that are hard to find elsewhere. Scammers will often discount their prices just enough to be the best choice to avoid suspicion. 
• URL: Scam websites will often use a web address that looks similar to stores you trust. They also might use “.net” or another domain rather than a “.com” one.
• Language: Scam online stores often originate in China or other foreign countries. Look for brand names or descriptions that don’t make sense or aren’t in proper English. 
• Spelling and grammatical errors: Poor spelling and strange syntax or formatting are also hallmarks of a scam store. Don’t just assume it was a mistake. 
• Company info: What does the “About us” page say? Can you find information about the store? If not, be suspicious.
• Reviews: Make sure the reviews match the product page and double check by looking for off-site reviews of the store. Many scammers will create fake reviews or steal ones from Amazon to make their sites look more legitimate.

To be extra-careful, try a simple Google search of “[Store name] + scam/fraud/safe”. Or, search for the store or product name in the Better Business Bureau’s Scam Tracker.

If someone has been scammed by this shopping site before, you’ll most likely find out with a quick search.

4. Only use safe payment services

Make sure any site you buy from uses safe payment services such as credit cards or PayPal.

Most credit card companies have $0 fraud liability policies, which means you won’t be on the hook for fraudulent charges. Plus, unlike using your debit card, a hacker can’t access your bank account with a stolen credit card.

One recent study found that users who used a credit card or PayPal lost less or even got their money back from scammers compared to those who used Cash App, Zelle, Venmo, Apple Pay, or a wire transfer [*]. (Less than 1% of Zelle users were able to get their money back!)

📚 Related: Scammed on PayPal? Here's What To Do →

5. Learn the warning signs of a scam email or social media ad

Online shopping scams often originate from unsolicited emails or social media ads. According to the FTC [*]:

Americans lost over $650 million to fakes ads and other social media scams in the first half of 2023 alone.

How to identify a fake or scam social media shopping ad:

• Low-quality photos or stock imagery.
• Too-good-to-be true offers or unbelievable discounts.
• Links to an online store that looks sketchy.

How to identify a fake shopping email:

• A strange “From” email address that doesn’t match the name on the email.
• Subject lines that are misspelled or claim too-good-to-be true offers.
• The entire email is embedded in an image or iframe.
• The sender’s email is from a suspicious domain (for example, “@Amazon-support.net”)
• It contains a strange link or attachment.

Pro tip: If you’re receiving a lot of scam and spam emails, your online accounts could be at risk. Scammers buy lists of compromised email addresses stolen during data breaches.

6. Beware of discount codes on social media

Fraudsters post on TikTok and other social media platforms posing as disgruntled employees who are “exposing” steep discount codes for their previous employer — as long as you’re willing to pay the shipping costs [*].

If you click on the links, you’re taken to a spoofed website that shows discounted prices and inflated shipping fees. If you pay, you may get nothing — or a cheap knockoff.

Pro tip: Companies almost never publicly share valid discount codes over 15 or 20%. If you want to check if a code is legitimate, make sure you’re on the retailer’s official website and try it during the checkout process.

📚 Related: The 10 Latest Costco Scams You Didn't Know About →

7. Always check shipping costs and terms

Some online stores will scam you with outrageous shipping costs or long lead times. Others will send you fake shipping “confirmation” emails and text notifications (you can check these by entering the tracking number on the shipper’s official website — such as USPS.com).

Always check a store’s official shipping and return policies. Even if you receive a fraudulent item, it can be difficult to reverse the credit card purchase, as your item shows as delivered.

📚 Related: The Worst Holidays Scams of The Year (and How To Avoid Them) →

8. Never store your credit card details with an online store

It may seem convenient to store your credit card details for future purchases, but hackers often target these systems with cyber attacks to steal your financial information. Checking out as a “guest” may involve a few extra steps each time you shop, but it’s worth it to keep your credit card numbers safe.

9. Create strong, secure passwords and use a password manager

If you need to create an account for an online store, make sure to use a strong password. For added security, store your credentials in a secure password manager and enable two-factor authentication (2FA) whenever possible.

A strong password should:

• Be at least 10 characters long
• Use a combination of upper and lowercase letters, symbols, and numbers
• Be unique and not a slight variation from others you use
• Not include easy-to-guess words or phrases (such as hobbies, pet names, etc.)

📚 Related: Was Your PayPal Account Hacked? Here's What You Can Do →

10. Monitor your credit and bank statements for signs of fraud

If a scammer gets access to your financial information, they can ruin your credit, take out loans in your name, or run up your credit card debt.

Make sure to regularly check your bank and credit card statements for any suspicious transactions. Scammers often make tiny charges to “verify” that your card numbers work (called carding).

You can get a free credit report from each of the three bureaus — Experian, Equifax, and TransUnion — from AnnualCreditReport.com. Or, sign up for a credit monitoring service that will alert you to signs of fraud in near real-time.

11. Check to see if your account details were leaked in a data breach

Even the most legitimate online shopping sites can get hacked. There’s always the possibility that your account details are already available to anyone on the Dark Web. If they are, you’ll want to change your passwords and set up credit monitoring ASAP.

Use Aura's Dark Web scanner to get started.

📚 Related: The 14 Latest PayPal Scams (and How To Avoid Them) →

12. Be extra-careful when shopping over Wi-Fi

Public Wi-Fi networks are notoriously easy to hack. Cybercriminals can use what’s called a man-in-the-middle attack to intercept the data you send to a shopping site, including credit card or payment details.  

When shopping online, make sure you’re using a secure internet connection. If you need to make purchases while traveling or out of the house (such as at a coffee shop or hotel), use a virtual private network (VPN).

📚 Related: Is Etsy Safe? 7 Etsy Scams You Need To Know →

13. Watch your back when shopping in public

“Shoulder surfing” is a common scam where fraudsters watch you enter your login details, credit card information, or other sensitive data in public. Even if your network is secure with a VPN, be aware of your physical surroundings.

If you think someone can see your screen, wait to shop until you’re in a more private area.

14. Use official shopping apps whenever possible

Large retailers like Amazon and Walmart often have their own mobile apps. If you’re shopping on a mobile device, these apps can be a much safer alternative to visiting their website.

But be sure to keep apps updated. Hackers take advantage of bugs or vulnerabilities to breach these apps and steal your information. Turn on auto-updates or install updates as soon as they’re available.

📚 Related: Avoid These 8 eBay Gift Card Scams At All Costs →

15. Sign up for identity theft protection for added security

Even if you follow all of these safe online shopping tips, there’s always the chance that you’ll get hacked or scammed. And in the case of data breaches, it might not even be your fault.

To keep your online accounts and financial information safe from criminals, consider signing up for Aura’s all-in-one digital security service.

With Aura, you get:

• Award-winning identity theft and online account protection to monitor your most sensitive accounts and info and warn you if they’ve been compromised.
• Three-bureau credit monitoring with the industry’s fastest fraud alerts to keep your credit and financial accounts safe.
• AI-powered digital security tools including antivirus, VPN, password manager, and more tools to protect you from hackers, malware, and phishing.
• 24/7 White Glove Fraud Resolution support that will help you recover your identity.
• Up to $5 million in identity theft insurance, should you become the victim of identity theft.
  

Were You Scammed by an Online Store? Here’s What To Do

Even if you’re careful, online shopping scammers are getting better at tricking you.

If you’ve given your financial and personal information to a fake store, here’s what to do next:

• Check if you have insurance coverage. If you’re signed up for identity theft protection, you should have access to a fraud resolution team that can handle many of the next steps for you.
• Notify your bank and credit card company. Contact your bank and any lenders to let them know that your identity has been stolen and to stop fraudulent transactions. They’ll close your accounts and help you open new ones.
• Freeze your credit with all three bureaus. A credit freeze stops scammers from taking out loans or opening new accounts in your name. To freeze your credit, contact each of the three bureaus individually. An identity theft protection service like Aura can monitor your credit and statements for you and alert you to any signs of fraud.
• File an official identity theft report with the FTC. Go to IdentityTheft.gov and file an official report with the FTC. This is an essential step if you need to dispute fraudulent charges.
• File a police report. You can also file a police report for identity theft with your local law enforcement agency. This is an optional step. But you should do it if you have any information about the scammer that could help lead to their arrest.
• Check your credit report and dispute fraudulent charges. Scammers are almost always after your financial accounts. Check for strange charges, accounts you don’t recognize, or unfamiliar loans. If you see anything, contact your bank or the credit agencies to dispute fraudulent charges.‍
• Change your online passwords. If one of your accounts has been compromised, you can assume others are too. Update all of your passwords (especially for sites where you’ve used your credit card).‍
• Let others know about the scam. Online purchase scams only work if no one speaks up. Send a report to the BBB’s Scam Tracker and post negative reviews and comments on shopping sites where you were scammed.

The Bottom Line: Shop Safely Online All Year Round

Online shopping scams are rampant during the holiday season. But that’s not the only time to be careful. Any time you provide your banking information online is an opportunity for a scammer to strike.

Follow these tips to shop safely online. And for added protection, consider signing up for Aura. We’ll monitor your accounts and financial information for signs of fraud so you can shop, browse, and work online, safely.

Protect yourself from online scams and fraud. Try Aura 14-days free.